Why do they need all this info on Roku owners? From the Roku privacy policy:
Information you provide Roku through the Roku Services includes, for example, your name, email address, postal address, billing and shipping information, product purchase information, credit card and other payment data, product registration information, and demographics. If you connect with Roku’s accounts on third party social networking sites, we may also collect information about your social networking accounts, for example, your name, user name, or handle.
Why do they need to (or even want to) know the user names I use for social media accounts? This is under the heading of “Information you provide.” They also collect the information you provide about others:
We also collect the personal information of other people, for example, if you provide email addresses of friends for referrals or postal addresses of recipients for gift purchases.
And here’s what they say they do with all the data:
We may also combine information you provide with data we collect automatically (as further described below) and with data we receive from third parties. We may also associate information you provide with information we collect about you from different devices, browsers and platforms.
The information they collect automatically:
We may automatically collect information related to your use of Roku Sites – for example [which implies they collect more than this], we collect your computer’s or mobile device’s operating system type and version, Internet Protocol (IP) address, mobile device ID, access times, browser type and language, and the websites you visited before coming to a Roku Site. We also use cookies and related technologies such as web beacons to better understand your needs, remember your preferences, and to provide targeted advertising.
All that so I can better enjoy their advertising? If they want to increase my Roku enjoyment, why don’t they stop channel providers from making me watch a 30 second commercial before I can see a 15 second film clip? Anyway, there’s another paragraph regarding information Roku “automatically and regularly” collects, such as your IP address, info about your Roku device (including where you bought it), the name of your local wi-fi network, and devices connected to your Roku. Again, why do they need all this?
If it isn’t bad enough that Roku is collecting information, so are the channel developers, who apparently have their own privacy policies:
providers of the Roku Direct Publisher Channels may also collect certain information through their channels as described in their respective privacy policies.
Then there are those “third party” collectors of information:
Third parties who provide us with analytics services for the Roku Services may also automatically collect some of the information described above, including, for example, IP address, access times, browser type and language, device type, device identifiers and Wi-Fi information.
Other third parties, including channel providers, advertisers and ad-related services, may also automatically collect information about you through the Roku Services and Third Party Channels, including personally identifiable information about your online activities over time and across different websites, devices, online channels and applications when you use our services…
Some third parties help us and others associate your activities across the browsers and devices you use, or that your household uses, for retargeting, cross-device advertising, analytics, and measurement purposes. Some third parties, such as Google, may also collect information on behalf of Roku and others for online advertising purposes and to provide Roku and others statistics about users of the Roku Services.
From Roku third party partner Google, regarding the information they collect:
When you visit a website that uses our advertising products (like AdSense), social products (like the +1 button), or analytics tools (Google Analytics), your web browser automatically sends certain information to Google. This includes, for example, the web address of the page that you’re visiting and your IP address. We may also set cookies on your browser or read cookies that are already there.
So Google sees and collects every web page you’ve visited since you last deleted your browser’s cookies. In addition, from Google’s privacy policy:
We collect information in the following ways:
Information you give us.
Information we get from your use of our services. We collect information about the services that you use and how you use them, like when you watch a video on YouTube, visit a website that uses our advertising services, or view and interact with our ads and content.
We collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Google may associate your device identifiers or phone number with your Google Account…
details of how you used our service, such as your search queries…
telephony log information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls…
When you use Google services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell towers…
We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches…
Google is also reading your email:
Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection.
Who has access to your Google info? Who knows?
Google processes personal information on our servers in many countries around the world. We may process your personal information on a server located outside the country where you live…
We provide personal information to our affiliates or other trusted businesses or persons to process it for us…
We will share personal information with companies, organizations or individuals outside of Google if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary…
We restrict access to personal information to Google employees, contractors and agents who need to know that information in order to process it for us.
If that’s not bad enough, what if Google goes out of business?
If Google is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.
Doesn’t that make you feel better? All your personal information (what is there that Google doesn’t know about you?), including how, when, and where you watch programs on your Roku is potentially public knowledge.
As mentioned in my 2015 post on Roku’s privacy policy, which attempts to explain some of the data collecting technology, and again included in Roku’s 2016 privacy policy:
Each Roku Device has unique identifiers, including a unique, non-permanent identifier called Roku Identifiers for Advertisers (RIDAs)…We may use RIDAs and information associated with RIDAs to try to understand your interests…We may supplement that information with information collected from the Roku Services, Third Party Channels, and websites, mobile apps, devices, platforms and data sources of third parties…We may also associate information collected using RIDAs with other information that identifies you, your household or your devices to personalize the advertising you see on third party websites, mobile apps, devices and platforms and other Roku Devices.
Channel providers, third party advertisers, ad measurement providers, and ad services may also use RIDAs and other information they collect about you from your Roku Devices, Roku Direct Publisher Channels, and Third Party Channels for their own advertising purposes…certain third parties with whom Roku has a business relationship (such as Nielsen and Comscore) may collect information about what you view on Roku Devices (including when you view content within a Roku Direct Publisher Channel or a Third Party Channel)
It seems Roku really likes to share:
Roku may also share information with third parties whose services are integral to the use of the Roku Devices. For example, we may share information collected from the Roku Devices with Third Party Channel providers and Roku Direct Publisher Channel content providers. The use of data by such third parties is subject to their respective privacy policies.
Roku uses third parties (including contractors and service providers) to provide services for us and to help with our operations, which may require that they access and use your information…
We may share some or all of your information with our current or future “affiliates”…
Roku may also share your information with others in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company.
In case you’re worried about how Roku stores all that personal info they have on you (is that a major concern after discovering how much they spread it around?):
Roku uses industry-standard methods of securing its electronic databases of personal information. However, you should know that no company, including Roku, can fully eliminate security risks associated with personal information…
Roku is a global company with affiliates, varied business processes, management structures and technical systems that cross borders. Information collected by Roku or on our behalf may be stored on your Roku Devices, on your mobile device if you use the Roku Mobile App, or on our servers, and may be transferred to, accessed from, or stored and processed in, the United States, EU member state countries, India, the Philippines and Costa Rica, and any other country where Roku or its service providers maintain facilities or call centers, including jurisdictions that may not have data privacy laws that provide protections equivalent to those provided in your home country.
I can’t believe I’m going to continue to use my Roku (and all my electronic devices) after knowing all this. I’ve become a fool for the sake of convenience and entertainment. Is this the point where you realize you’ve given up on the notion of privacy?
Tin Foil Hat Time 